RiskLens successfully completed a SOC 2 Type 2 audit and certification of our security measures and operational practices. The audit conducted by Johanson Group found 100% compliance by RiskLens with the rigorous standards for certification set by the American Institute of Certified Public Accountants’ (AICPA).
Johanson Group’s audit of RiskLens’ controls included examination over a period of time of our policies and procedures regarding network connectivity, firewall configurations, systems development life cycle, computer operations, logical access, data transmission, backup and disaster recovery, and other critical operational areas.
As the creator of the FAIR standard for quantitative cyber risk analysis and the RiskLens SaaS platform in use at many major organizations as a critical component of risk management, RiskLens is keenly aware of the responsibility entrusted to us by our clients. The audit verified the security of the platform as well as the soundness of our corporate management and employment practices. Of course, we use FAIR analysis to assess our own risks on an ongoing basis; we also continuously update our compliance activities with a trust management platform.
“Our SOC 2 Type 2 Certification tells clients, particularly in regulated industries, that we are transparent about our internal controls, and we make sure that security comes first,” said Michael Glass, who leads internal audit for RiskLens. “We are committed to staying compliant, and up to date as frameworks evolve."